Bove and Capretta's popular method for justifying function definitions by general recursive equations
is based on the observation that any structured general recursion equation defines an inductive subset 
of the intended domain (the "domain of definedness") for which the equation has a unique solution. 
To accept the definition, it is hence enough to prove that this subset contains the whole intended 
domain. 

This approach works very well for "terminating" definitions. But it fails to account for "productive"
definitions, such as typical definitions of stream-valued functions. We argue that such definitions
can be treated in a similar spirit, proceeding from a different unique solvability criterion. Any
structured recursive equation defines a coinductive relation between the intended domain and intended
codomain (the "coinductive graph"). This relation in turn determines a subset of the intended
domain and a quotient of the intended codomain with the property that the equation is uniquely
solved for the subset and quotient. The equation is therefore guaranteed to have a unique solution for
the intended domain and intended codomain whenever the subset is the full set and the quotient is by
equality.

Unique solutions to recursive equations General recursive definitions are commonplace in programming
practice.

In particular, it is highly desirable to be able to define functions by some forms of controlled general 
recursion in type-theoretically motivated languages of total functional programming (in particular, proof 
assistants) that come with a set-theoretic rather than a domain-theoretic semantics. For an overview of 
this area, see Bove et al. Q. 

In this paper, we are concerned with describing a function $f : A \to B$ definitely by an equation of the
form:

$$
\begin{array}{ccc}
FA & \xleftarrow{\;\alpha\;} & A \\
{\scriptstyle Ff}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
FB & \xrightarrow{\;\beta\;} & B
\end{array}
\qquad (1)
$$

where $A$, $B$ are sets (the intended domain and codomain), $F$ is a functor (the branching type of recursive
call [corecursive return] trees), $\alpha$ is an $F$-coalgebra structure on $A$ (marshals arguments for recursive
calls) and $\beta$ is an $F$-algebra structure on $B$ (collects recursive call results). We are interested in
conditions under which the equation is guaranteed to have a unique solution (rather than a least solution in a
domain-theoretic setting or some solution that is canonical in some sense). There are several important
generalizations of this setting, but we will not treat them here.
There are some well-known good cases. 
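Some good cases (1): Initial algebra The following equation has a unique solution for any $B$, $\beta$.

$$
\begin{array}{ccc}
1 + \mathsf{El} \times \mathsf{List} & \xleftarrow{\;[\mathsf{nil},\mathsf{cons}]^{-1}\;} & \mathsf{List} \\
{\scriptstyle 1 + \mathsf{El} \times f}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
1 + \mathsf{El} \times B & \xrightarrow{\;\beta\;} & B
\end{array}
$$

E.g., for $B = \mathsf{List}$ (lists over $\mathsf{El}$), $\beta = \mathsf{ins}$ (insertion of an element into a list assumed to be sorted), we get
$f = \mathsf{isort}$ (insertion sort).

A unique $f$ exists because $(\mathsf{List}, [\mathsf{nil}, \mathsf{cons}])$ is the initial algebra for the functor $FX = 1 + \mathsf{El} \times X$. It
is the fold (the unique algebra map) determined by the algebra $(B, \beta)$.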



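Some good cases (2): Recursive coalgebras A unique solution exists for any $B$, $\beta$ also for the equation

$$
\begin{array}{ccc}
1 + \mathsf{El} \times \mathsf{List} \times \mathsf{List} & \xleftarrow{\;\mathsf{qsplit}\;} & \mathsf{List} \\
{\scriptstyle 1 + \mathsf{El} \times f \times f}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
1 + \mathsf{El} \times B \times B & \xrightarrow{\;\beta\;} & B
\end{array}
$$

where $\mathsf{qsplit}\;\mathsf{nil} = \mathsf{inl}\,*$ and $\mathsf{qsplit}\,(\mathsf{cons}\,(x, xs)) = \mathsf{inr}\,(x, xs|_{\leq x}, xs|_{> x})$. E.g., for $B = \mathsf{List}$, $\beta = \mathsf{concat}$
(concatenation of the first list, the element and the second list), we get $f = \mathsf{qsort}$ (quicksort).

$(\mathsf{List}, \mathsf{qsplit})$ is not the inverse of the initial algebra of $FX = 1 + \mathsf{El} \times X \times X$ (which is the algebra of
binary node-labelled trees), but we still have a unique $f$ for any $(B, \beta)$.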

For this property, (List, qsplit) is called a recursive coalgebra of F. Recursive F-coalgebras form 
a full subcategory of the category of all F-coalgebras. The inverse of the initial F-algebra is the final 
recursive F-coalgebra. 

While recursiveness is a very useful property of a coalgebra, it is generally difficult to determine 
whether a given coalgebra is recursive. For more information on recursive coalgebras, see Taylor lISll . 
Capretta et al. [6], Adamek et al. yj. 



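Some good cases (3): Final coalgebra This equation has a unique solution for any $A$, $\alpha$.

$$
\begin{array}{ccc}
\mathsf{El} \times A & \xleftarrow{\;\alpha\;} & A \\
{\scriptstyle \mathsf{El} \times f}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
\mathsf{El} \times \mathsf{Str} & \xrightarrow{\;(\mathsf{hd},\mathsf{tl})^{-1}\;} & \mathsf{Str}
\end{array}
$$

E.g., for $A = \mathsf{Str}$ (streams), $\alpha = (\mathsf{hd}, \mathsf{tl} \circ \mathsf{tl})$ (the analysis of a stream into its head and the tail of its tail),
we get $f = \mathsf{dropeven}$ (the function dropping every even-position element of a given stream).

A unique $f$ exists for any $(A, \alpha)$ because $(\mathsf{Str}, (\mathsf{hd}, \mathsf{tl}))$ is the final coalgebra of $FX = \mathsf{El} \times X$. It is
the unfold (the unique $F$-coalgebra map) given by the coalgebra $(A, \alpha)$.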
Some good cases (4): Corecursive algebras This equation has a unique solution for any $A$, $\alpha$:

$$
\begin{array}{ccc}
\mathsf{El} \times A \times A & \xleftarrow{\;\alpha\;} & A \\
{\scriptstyle \mathsf{El} \times f \times f}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
\mathsf{El} \times \mathsf{Str} \times \mathsf{Str} & \xrightarrow{\;\mathsf{smerge}\;} & \mathsf{Str}
\end{array}
$$

Here $\mathsf{hd}\,(\mathsf{smerge}\,(x, xs_0, xs_1)) = x$ and $\mathsf{tl}\,(\mathsf{smerge}\,(x, xs_0, xs_1)) = \mathsf{smerge}\,(\mathsf{hd}\,xs_0, xs_1, \mathsf{tl}\,xs_0)$.

$(\mathsf{Str}, \mathsf{smerge})$ is not the inverse of the final coalgebra of $FX = \mathsf{El} \times X \times X$, but a unique $f$ still exists
for any $(A, \alpha)$. We say that $(\mathsf{Str}, \mathsf{smerge})$ is a corecursive algebra of $F$, cf. Capretta et al. JTl. [The
inverse of the final $F$-coalgebra is the initial corecursive $F$-algebra and thus a special case.] Similarly to
recursiveness of a coalgebra, corecursiveness of an algebra is a useful property, but generally difficult to
establish.

The equation (1) can of course have a unique solution also in other cases. In particular, it may well
happen that neither is $(A, \alpha)$ corecursive nor is $(B, \beta)$ recursive, but the equation still has exactly one
solution.

General case (1): Inductive domain predicate Bove and Capretta EIH put forward the following 
approach to recursive definitions in type theory (the idea has occurred in different guises in multiple 
places; it must go back to McCarthy): for a given recursive definition, work out its "domain of definition" 
and see if it contains the intended domain. 

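For given $(A, \alpha)$, define a predicate $\mathsf{dom}$ on $A$ inductively by

$$
\frac{a : A \qquad (F\,\mathsf{dom})\,(\alpha\,a)}{\mathsf{dom}\;a}
$$

(i.e., as the smallest/strongest predicate validating this rule), denoting by $FP$ the lifting of a predicate $P$
from $A$ to $FA$.

Write $A|_{\mathsf{dom}}$ for the subset of $A$ determined by the predicate $\mathsf{dom}$, the "domain of definedness". It is
easily verified that, for any $(B, \beta)$, there is $f : A|_{\mathsf{dom}} \to B$ uniquely solving

$$
\begin{array}{ccc}
F(A|_{\mathsf{dom}}) & \xleftarrow{\;\alpha|_{\mathsf{dom}}\;} & A|_{\mathsf{dom}} \\
{\scriptstyle Ff}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
FB & \xrightarrow{\;\beta\;} & B
\end{array}
$$

If $\forall a : A.\ \mathsf{dom}\;a$, which is the same as $A|_{\mathsf{dom}} \cong A$, then $f$ is a unique solution of the original equation (1),
i.e., the coalgebra $(A, \alpha)$ is recursive.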

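For $A = \mathsf{List}$, $\alpha = \mathsf{qsplit}$, $\mathsf{dom}$ is defined inductively by

$$
\frac{}{\mathsf{dom}\;\mathsf{nil}}
\qquad
\frac{x : \mathsf{El} \qquad xs : \mathsf{List} \qquad \mathsf{dom}\,(xs|_{\leq x}) \qquad \mathsf{dom}\,(xs|_{> x})}{\mathsf{dom}\,(\mathsf{cons}\,(x, xs))}
$$

We can prove that $\forall xs : \mathsf{List}.\ \mathsf{dom}\;xs$. Hence $(\mathsf{List}, \mathsf{qsplit})$ is recursive.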
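An added illustration in Python (not code from the paper) of equation (1) for FX = 1 + El x X x X: the quicksort instance is solved by unfolding the equation, and the inductive domain predicate is checked up to a bounded derivation height. The encoding of inl * as `None`, the names `solve`, `lift` and `dom` with its `fuel` bound, and the non-wellfounded coalgebra `stuck_split` are assumptions made for this example.

```python
# F X = 1 + El x X x X: None encodes inl(*), a triple (x, l, r) encodes inr(x, l, r).
def fmap(f, t):
    """F f : F A -> F B."""
    return None if t is None else (t[0], f(t[1]), f(t[2]))

def lift(p, t):
    """F P: lifting of a predicate P on A to F A."""
    return t is None or (p(t[1]) and p(t[2]))

def qsplit(xs):
    """alpha : List -> F List."""
    if not xs:
        return None
    x, rest = xs[0], xs[1:]
    return (x, [y for y in rest if y <= x], [y for y in rest if y > x])

def concat(t):
    """beta : F List -> List."""
    return [] if t is None else t[1] + [t[0]] + t[2]

def solve(alpha, beta):
    """The function f with f = beta . F f . alpha, evaluated eagerly."""
    def f(a):
        return beta(fmap(f, alpha(a)))
    return f

def dom(alpha, a, fuel):
    """True iff dom a has a derivation of height <= fuel."""
    return fuel > 0 and lift(lambda b: dom(alpha, b, fuel - 1), alpha(a))

def stuck_split(xs):
    """Hypothetical coalgebra on List whose left recursive call does not shrink."""
    return None if not xs else (xs[0], xs, [])

qsort = solve(qsplit, concat)
```

For `qsplit` every list has a derivation of height at most its length plus one, while for `stuck_split` no non-empty list has one at any height, so `solve(stuck_split, concat)` would recurse forever on such an argument.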
If $A|_{\mathsf{dom}} = A$, the coalgebra $(A, \alpha)$ is said to be wellfounded. Wellfoundedness gives an induction
principle on $A$: For any predicate $P$ on $A$, we have

$$
\frac{a : A \qquad
\begin{array}{c}
a' : A \quad (FP)\,(\alpha\,a') \\
P\,a'
\end{array}}{P\,a}
$$

We have seen that wellfoundedness suffices for recursiveness. In fact, it is also necessary. While this
equivalence is easy for polynomial functors on the category of sets, it becomes remarkably involved in
more general settings, see Taylor [8].

For $FX = 1 + \mathsf{El} \times X \times X$, $A = \mathsf{List}$, $\alpha = \mathsf{qsplit}$, we get this induction principle:

$$
\frac{xs : \mathsf{List} \qquad P\,\mathsf{nil} \qquad
\begin{array}{c}
x : \mathsf{El} \quad xs' : \mathsf{List} \quad P\,(xs'|_{\leq x}) \quad P\,(xs'|_{> x}) \\
P\,(\mathsf{cons}\,(x, xs'))
\end{array}}{P\,xs}
$$

General case (2): Inductive graph relation The original Bove-Capretta method separates determining
the domain of definition of a function from determining its values. Bove [2] showed that this separation
can be avoided.

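For given $(A, \alpha)$, $(B, \beta)$, define a relation $\downarrow$ between $A$, $B$ inductively by

$$
\frac{a : A \qquad bs : FB \qquad \alpha\,a\;(F{\downarrow})\;bs}{a \downarrow \beta\,bs}
$$

Further, define a predicate $\mathsf{Dom}$ on $A$ by

$$
\mathsf{Dom}\;a = \exists b : B.\ a \downarrow b
$$

It is straightforward to verify that $\forall a : A, b, b_* : B.\ a \downarrow b \wedge a \downarrow b_* \to b = b_*$. Moreover, it is also the case
that $\forall a : A.\ \mathsf{Dom}\;a \leftrightarrow \mathsf{dom}\;a$. So, $\mathsf{Dom}$ does not really depend on the given $(B, \beta)$!

From the last equivalence it is immediate that there is $f : A|_{\mathsf{Dom}} \to B$ uniquely solving

$$
\begin{array}{ccc}
F(A|_{\mathsf{Dom}}) & \xleftarrow{\;\alpha|_{\mathsf{Dom}}\;} & A|_{\mathsf{Dom}} \\
{\scriptstyle Ff}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
FB & \xrightarrow{\;\beta\;} & B
\end{array}
$$

And, if $\forall a : A.\ \mathsf{Dom}\;a$, which is the same as $A|_{\mathsf{Dom}} \cong A$, then $f$ is a unique solution of the original
equation.

As a matter of fact, recursiveness and wellfoundedness are equivalent exactly because $\forall a : A.\ \mathsf{Dom}\;a \leftrightarrow \mathsf{dom}\;a$.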

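For $FX = 1 + \mathsf{El} \times X \times X$, $A = \mathsf{List}$, $\alpha = \mathsf{qsplit}$, $B = \mathsf{List}$, $\beta = \mathsf{concat}$, the relation $\downarrow$ is defined
inductively by

$$
\frac{}{\mathsf{nil} \downarrow \mathsf{nil}}
\qquad
\frac{x : \mathsf{El} \qquad xs : \mathsf{List} \qquad xs|_{\leq x} \downarrow ys_0 \qquad xs|_{> x} \downarrow ys_1}{\mathsf{cons}\,(x, xs) \downarrow \mathsf{app}\,(ys_0, \mathsf{cons}\,(x, ys_1))}
$$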
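Inductive domain and graph do not work for non-terminating productive definitions Unfortunately,
for our dropeven example,

$$
\begin{array}{ccc}
\mathsf{El} \times \mathsf{Str} & \xleftarrow{\;(\mathsf{hd},\,\mathsf{tl} \circ \mathsf{tl})\;} & \mathsf{Str} \\
{\scriptstyle \mathsf{El} \times \mathsf{dropeven}}\,\downarrow & & \downarrow\,{\scriptstyle \mathsf{dropeven}} \\
\mathsf{El} \times \mathsf{Str} & \xrightarrow{\;(\mathsf{hd},\mathsf{tl})^{-1}\;} & \mathsf{Str}
\end{array}
$$

we get $\forall xs : \mathsf{Str}.\ \mathsf{dom}\;xs = \bot$! Now, surely there is a unique function from $\emptyset \to \mathsf{Str}$. But this is
uninteresting! We would like to learn that there is a unique function $\mathsf{Str} \to \mathsf{Str}$.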

Intuitively, the reason why this equation has a unique solution lies not in how a given argument is 
consumed but in how the corresponding function value is produced. This is not a terminating but a 
productive definition. 

General case (3): Coinductive bisimilarity relation The concept of the domain of definedness can 
be dualized [7]. Besides partial solutions that are defined only on a subset of the intended domain, it
makes sense to consider "fuzzy" solutions that are defined everywhere but return values in a quotient 
of the intended codomain. But since the category of sets is not self-dual, the theory dualizes only to a 
certain extent and various mismatches arise. 

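For given $(B, \beta)$, define a relation $\approx$ on $B$ coinductively by

$$
\frac{b, b_* : B \qquad b \approx b_*}{\exists bs, bs_* : FB.\ b = \beta\,bs \wedge b_* = \beta\,bs_* \wedge bs\;(F{\approx^*})\;bs_*}
$$

(i.e., we take $\approx$ to be the largest/coarsest relation validating this rule).
There need not necessarily be a function $f$ solving the equation

$$
\begin{array}{ccc}
FA & \xleftarrow{\;\alpha\;} & A \\
{\scriptstyle Ff}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
F(B/{\approx^*}) & \longrightarrow & B/{\approx^*}
\end{array}
$$

but, if such a function exists, it can easily be checked to be unique. (See Capretta et al. [7, Thm. 1].)

If $\forall b, b_* : B.\ b \approx b_* \to b = b_*$, which is the same as $B/{\approx^*} = B$ (where $B/{\approx^*}$ is the quotient of $B$ by the
reflexive-transitive closure of $\approx$), we say that $(B, \beta)$ is antifounded. If $(B, \beta)$ is antifounded, solutions to
equation (1) are the same as solutions to the equation above, and thus unique.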

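For $FX = \mathsf{El} \times X \times X$, $B = \mathsf{Str}$, $\beta = \mathsf{smerge}$, the relation $\approx$ is defined coinductively by

$$
\frac{xs, xs_* : \mathsf{Str} \qquad xs \approx xs_*}{
\begin{array}{l}
\exists x : \mathsf{El},\ xs_0, xs_1, xs_{0*}, xs_{1*} : \mathsf{Str}. \\
\quad xs = \mathsf{smerge}\,(x, xs_0, xs_1) \wedge xs_* = \mathsf{smerge}\,(x, xs_{0*}, xs_{1*}) \wedge xs_0 \approx^* xs_{0*} \wedge xs_1 \approx^* xs_{1*}
\end{array}}
$$

It turns out that $\forall xs, xs' : \mathsf{Str}.\ xs \approx xs' \to xs = xs'$. Based on this knowledge, we may conclude that
solutions are unique. (They do in fact exist as well for this example, but this has to be verified separately.)

Solutions need not exist for antifounded algebras. E.g., for $FX = X$, $B = \mathsf{Nat}$, $\beta = \mathsf{succ}$, we have
that $(B, \beta)$ is antifounded, but for $A$ any set and $\alpha = \mathsf{id}_A$, the equation has the form $f\,a = \mathsf{succ}\,(f\,a)$ and
has no solutions.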
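We have thus seen that antifoundedness of $(B, \beta)$ does not guarantee that it is corecursive. The
converse also fails: not every corecursive algebra $(B, \beta)$ is antifounded [7, Prop. 5].

However, for an antifounded algebra $(B, \beta)$, we do get an interesting coinduction principle on $B$: For
any relation $R$ on $B$, we have

$$
\frac{b, b_* : B \qquad b\,R\,b_* \qquad
\begin{array}{c}
b', b'_* : B \quad b'\,R\,b'_* \\
\exists bs', bs'_* : FB.\ b' = \beta\,bs' \wedge b'_* = \beta\,bs'_* \wedge bs'\,(FR^*)\,bs'_*
\end{array}}{b = b_*}
$$

For $FX = \mathsf{El} \times X \times X$, $B = \mathsf{Str}$, $\beta = \mathsf{smerge}$, we get this coinduction principle:

$$
\frac{xs, xs_* : \mathsf{Str} \qquad xs\,R\,xs_* \qquad
\begin{array}{c}
xs', xs'_* : \mathsf{Str} \quad xs'\,R\,xs'_* \\
\exists x : \mathsf{El},\ xs_0, xs_1, xs_{0*}, xs_{1*} : \mathsf{Str}.\ xs' = \mathsf{smerge}\,(x, xs_0, xs_1) \wedge xs'_* = \mathsf{smerge}\,(x, xs_{0*}, xs_{1*}) \wedge xs_0\,R^*\,xs_{0*} \wedge xs_1\,R^*\,xs_{1*}
\end{array}}{xs = xs_*}
$$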



General case (4): Coinductive graph relation Could one also dualize the notion of the inductive 
graph? The answer is positive. Differently from the case of the coinductive concept of bisimilarity, this 
yields a criterion of unique solvability. 

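For given $(A, \alpha)$, $(B, \beta)$, define a relation $\downarrow^\infty$ between $A$, $B$ coinductively by

$$
\frac{a : A \qquad b : B \qquad a \downarrow^\infty b}{\exists bs : FB.\ b = \beta\,bs \wedge \alpha\,a\;(F{\downarrow^\infty})\;bs}
$$

Define a predicate $\mathsf{Dom}^\infty$ on $A$ by

$$
\mathsf{Dom}^\infty a = \exists b : B.\ a \downarrow^\infty b
$$

Now we can construct $f : A|_{\mathsf{Dom}^\infty} \to B/{\approx^*}$ that we can prove to uniquely solve

$$
\begin{array}{ccc}
F(A|_{\mathsf{Dom}^\infty}) & \xleftarrow{\;\alpha|_{\mathsf{Dom}^\infty}\;} & A|_{\mathsf{Dom}^\infty} \\
{\scriptstyle Ff}\,\downarrow & & \downarrow\,{\scriptstyle f} \\
F(B/{\approx^*}) & \longrightarrow & B/{\approx^*}
\end{array}
$$

If both $\forall a : A.\ \mathsf{Dom}^\infty a$ and $\forall b, b_* : B.\ b \approx b_* \to b = b_*$, which are the same as $A|_{\mathsf{Dom}^\infty} \cong A$ resp.
$B/{\approx^*} = B$, then $f$ uniquely solves also the equation (1). Notice, however, that in this situation we have
obtained a unique solution only for the given $(A, \alpha)$: we have not established that $(B, \beta)$ is corecursive.

To formulate a further condition, we define a relation $\equiv$ on $B$ by

$$
b \equiv b_* \;=\; \exists a : A.\ a \downarrow^\infty b \wedge a \downarrow^\infty b_*
$$

A unique solution to equation (1) also exists if $\forall a : A.\ \mathsf{Dom}^\infty a$ and $\forall b, b_* : B.\ b \equiv b_* \to b = b_*$.
This condition is weaker: while $\forall b, b_* : B.\ b \equiv b_* \to b \approx b_*$, the converse is generally not true.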
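For $FX = \mathsf{El} \times X \times X$, $B = \mathsf{Str}$, $\beta = \mathsf{smerge}$ and any fixed $A$, $\alpha$, the relation $\downarrow^\infty$ is defined coinductively
by

$$
\frac{a : A \qquad xs : \mathsf{Str} \qquad a \downarrow^\infty xs}{\exists xs_0, xs_1 : \mathsf{Str}.\ xs = \mathsf{smerge}\,(\mathsf{fst}\,(\alpha\,a), xs_0, xs_1) \wedge \mathsf{fst}\,(\mathsf{snd}\,(\alpha\,a)) \downarrow^\infty xs_0 \wedge \mathsf{snd}\,(\mathsf{snd}\,(\alpha\,a)) \downarrow^\infty xs_1}
$$

It turns out that $\forall a : A.\ \mathsf{Dom}^\infty a$ no matter what $A$, $\alpha$ are. So in this case we do have a unique solution $f$
for any $A$, $\alpha$, i.e., $(\mathsf{Str}, \mathsf{smerge})$ is corecursive.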
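An added illustration in Python (not code from the paper) for the dropeven equation, covering both the earlier remark that its inductive domain is empty and the coinductive graph defined above, here for FX = El x X and beta = (hd,tl)^-1. The lazy-cell encoding of streams, the sample stream `count_from`, the `fuel` bound on `dom` and the depth-n approximant `graph_upto` are assumptions made for this example.

```python
# Streams over El as lazy cells (head, thunk of tail); F X = El x X.
def count_from(n=0, step=1):
    """Constructed sample stream n, n+step, n+2*step, ..."""
    return (n, lambda: count_from(n + step, step))

def hd(s):
    return s[0]

def tl(s):
    return s[1]()

def alpha(s):
    """(hd, tl . tl) : Str -> El x Str, the coalgebra of the dropeven equation."""
    return (hd(s), tl(tl(s)))

def dom(a, fuel):
    """Inductive dom, cut off at derivation height `fuel`. For F X = El x X the
    rule always has the premise dom (snd (alpha a)), so it never bottoms out."""
    return fuel > 0 and dom(alpha(a)[1], fuel - 1)

def solve_lazy(coalg):
    """f = (hd,tl)^-1 . (El x f) . coalg, with the recursive call delayed."""
    def f(a):
        x, rest = coalg(a)
        return (x, lambda: f(rest))
    return f

def graph_upto(coalg, a, xs, n):
    """Depth-n approximant of the coinductive graph for beta = (hd,tl)^-1:
    xs = beta (x, xs') where coalg a = (x, a') and a' is related to xs'."""
    if n == 0:
        return True
    x, rest = coalg(a)
    return hd(xs) == x and graph_upto(coalg, rest, tl(xs), n - 1)

def take(n, s):
    out = []
    for _ in range(n):
        out.append(hd(s))
        s = tl(s)
    return out

dropeven = solve_lazy(alpha)
```

No finite `fuel` puts any stream in `dom`, yet every finite prefix of `dropeven(xs)` is determined, and `graph_upto` accepts exactly the output streams that agree with it to the given depth.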

Conclusion We have considered two flavors of partiality of a function: a function may be defined only 
on a subset of the intended domain and the values it returns may be underdetermined. 

The Bove-Capretta method in its graph-based version scales meaningfully to equations where unique
solvability is not due to termination, but productivity or a combination of the two. But instead of one
condition to check by ad-hoc means, there are two in the general case.

The theory of corecursion/coinduction is not as clean as that of recursion/induction — in particular, to 
admit coinduction is not the same as to admit corecursion. We would like to study the coinductive
graph approach further and to find out to what extent it proves useful in actual programming practice. 
The main pragmatic issue is the same as with Bove and Capretta's method: how to prove the conditions. 